Category: Comprehensive Categorization: Incorrect Calculation
Incomplete
Summary
Weaknesses in this category are related to incorrect calculation.
Membership
| ID | Name | Description |
|---|---|---|
| CWE-128 | Wrap-around Error | A wrap-around error happens when a variable exceeds the maximum value its data type can hold, causing it to unexpectedly reset to a very small, negative, or undefined number instead of increasing further. |
| CWE-1335 | Incorrect Bitwise Shift of Integer | This vulnerability occurs when a program attempts to shift an integer's bits by an invalid amount—either a negative number or a value equal to or greater than the integer's bit width (e.g., shifting a 32-bit integer by 32 or more places). This leads to unpredictable and platform-dependent results. |
| CWE-1339 | Insufficient Precision or Accuracy of a Real Number | This vulnerability occurs when a program uses a data type or algorithm that cannot accurately represent or calculate the fractional part of a real number, leading to incorrect results in security-critical operations. |
| CWE-135 | Incorrect Calculation of Multi-Byte String Length | This vulnerability occurs when software incorrectly measures the length of strings containing multi-byte or wide characters, leading to buffer overflows, data corruption, or crashes. |
| CWE-190 | Integer Overflow or Wraparound | Integer overflow or wraparound occurs when a calculation produces a numeric result that exceeds the maximum value a variable can hold. Instead of increasing as expected, the value wraps around to a very small or negative number, breaking the program's logic. |
| CWE-191 | Integer Underflow (Wrap or Wraparound) | Integer underflow occurs when a subtraction operation results in a value smaller than the data type's minimum limit, causing the value to wrap around to a large, incorrect number. |
| CWE-193 | Off-by-one Error | An off-by-one error occurs when a program incorrectly calculates a boundary, such as a loop counter or array index, by being one unit too high or too low. This often leads to buffer overflows, memory corruption, or unexpected program behavior. |
| CWE-369 | Divide By Zero | A divide-by-zero error occurs when software attempts to perform a division operation where the denominator is zero. |
| CWE-467 | Use of sizeof() on a Pointer Type | This vulnerability occurs when a developer uses the sizeof() operator on a pointer variable instead of the data it points to, leading to incorrect size calculations and potential buffer overflows or underflows. |
| CWE-468 | Incorrect Pointer Scaling | This vulnerability occurs when a programmer incorrectly accounts for pointer arithmetic in C or C++, causing the program to access unintended memory locations. The core issue is forgetting that adding an integer to a pointer automatically scales that integer by the size of the data type it points to. |
| CWE-469 | Use of Pointer Subtraction to Determine Size | This vulnerability occurs when a program calculates a size or offset by subtracting two memory pointers, but the pointers point to locations in different memory blocks, leading to an incorrect and potentially dangerous result. |
| CWE-682 | Incorrect Calculation | This vulnerability occurs when software performs a calculation that produces wrong or unexpected results, which are then used to make security decisions or manage critical resources. |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends |
Vulnerability Mapping Notes
Usage: Prohibited
Reasons: Category
Rationale:
This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves [REF-1330].
Comment:
See member weaknesses of this category.